Login
Newsletter
Werbung

Sicherheit: Zwei Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in Linux
ID: openSUSE-SU-2016:2584-1
Distribution: SUSE
Plattformen: openSUSE 13.1
Datum: Fr, 21. Oktober 2016, 17:20
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8666
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195
Applikationen: Linux

Originalnachricht

   openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:2584-1
Rating: important
References: #1001419 #1001486 #1002165 #1004418
Cross-References: CVE-2016-5195 CVE-2016-8666
Affected Products:
openSUSE 13.1
______________________________________________________________________________

An update that solves two vulnerabilities and has two fixes
is now available.

Description:


The openSUSE 13.1 kernel was updated to fix bugs and security issues.

The following security bugs were fixed:

- CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers
to cause a denial of service (stack consumption and panic) or possibly
have unspecified other impact by triggering use of the GRO path for
packets with tunnel stacking, as demonstrated by interleaved IPv4
headers and GRE headers, a related issue to CVE-2016-7039 (bnc#1001486).
- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed,
which is reportedly exploited in the wild (bsc#1004418).

The following non-security bugs were fixed:

- sched/core: Fix a race between try_to_wake_up() and a woken up task
(bsc#1002165, bsc#1001419).
- sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule()
(bnc#1001419).
- tunnels: Do not apply GRO to multiple layers of encapsulation
(bsc#1001486).


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.1:

zypper in -t patch openSUSE-2016-1211=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.1 (i586 x86_64):

cloop-2.639-11.34.1
cloop-debuginfo-2.639-11.34.1
cloop-debugsource-2.639-11.34.1
cloop-kmp-default-2.639_k3.12.62_55-11.34.1
cloop-kmp-default-debuginfo-2.639_k3.12.62_55-11.34.1
cloop-kmp-desktop-2.639_k3.12.62_55-11.34.1
cloop-kmp-desktop-debuginfo-2.639_k3.12.62_55-11.34.1
cloop-kmp-xen-2.639_k3.12.62_55-11.34.1
cloop-kmp-xen-debuginfo-2.639_k3.12.62_55-11.34.1
crash-7.0.2-2.34.1
crash-debuginfo-7.0.2-2.34.1
crash-debugsource-7.0.2-2.34.1
crash-devel-7.0.2-2.34.1
crash-doc-7.0.2-2.34.1
crash-eppic-7.0.2-2.34.1
crash-eppic-debuginfo-7.0.2-2.34.1
crash-gcore-7.0.2-2.34.1
crash-gcore-debuginfo-7.0.2-2.34.1
crash-kmp-default-7.0.2_k3.12.62_55-2.34.1
crash-kmp-default-debuginfo-7.0.2_k3.12.62_55-2.34.1
crash-kmp-desktop-7.0.2_k3.12.62_55-2.34.1
crash-kmp-desktop-debuginfo-7.0.2_k3.12.62_55-2.34.1
crash-kmp-xen-7.0.2_k3.12.62_55-2.34.1
crash-kmp-xen-debuginfo-7.0.2_k3.12.62_55-2.34.1
hdjmod-debugsource-1.28-16.34.1
hdjmod-kmp-default-1.28_k3.12.62_55-16.34.1
hdjmod-kmp-default-debuginfo-1.28_k3.12.62_55-16.34.1
hdjmod-kmp-desktop-1.28_k3.12.62_55-16.34.1
hdjmod-kmp-desktop-debuginfo-1.28_k3.12.62_55-16.34.1
hdjmod-kmp-xen-1.28_k3.12.62_55-16.34.1
hdjmod-kmp-xen-debuginfo-1.28_k3.12.62_55-16.34.1
ipset-6.21.1-2.38.1
ipset-debuginfo-6.21.1-2.38.1
ipset-debugsource-6.21.1-2.38.1
ipset-devel-6.21.1-2.38.1
ipset-kmp-default-6.21.1_k3.12.62_55-2.38.1
ipset-kmp-default-debuginfo-6.21.1_k3.12.62_55-2.38.1
ipset-kmp-desktop-6.21.1_k3.12.62_55-2.38.1
ipset-kmp-desktop-debuginfo-6.21.1_k3.12.62_55-2.38.1
ipset-kmp-xen-6.21.1_k3.12.62_55-2.38.1
ipset-kmp-xen-debuginfo-6.21.1_k3.12.62_55-2.38.1
iscsitarget-1.4.20.3-13.34.1
iscsitarget-debuginfo-1.4.20.3-13.34.1
iscsitarget-debugsource-1.4.20.3-13.34.1
iscsitarget-kmp-default-1.4.20.3_k3.12.62_55-13.34.1
iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.62_55-13.34.1
iscsitarget-kmp-desktop-1.4.20.3_k3.12.62_55-13.34.1
iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.62_55-13.34.1
iscsitarget-kmp-xen-1.4.20.3_k3.12.62_55-13.34.1
iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.62_55-13.34.1
kernel-default-3.12.62-55.1
kernel-default-base-3.12.62-55.1
kernel-default-base-debuginfo-3.12.62-55.1
kernel-default-debuginfo-3.12.62-55.1
kernel-default-debugsource-3.12.62-55.1
kernel-default-devel-3.12.62-55.1
kernel-syms-3.12.62-55.1
libipset3-6.21.1-2.38.1
libipset3-debuginfo-6.21.1-2.38.1
ndiswrapper-1.58-35.1
ndiswrapper-debuginfo-1.58-35.1
ndiswrapper-debugsource-1.58-35.1
ndiswrapper-kmp-default-1.58_k3.12.62_55-35.1
ndiswrapper-kmp-default-debuginfo-1.58_k3.12.62_55-35.1
ndiswrapper-kmp-desktop-1.58_k3.12.62_55-35.1
ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.62_55-35.1
openvswitch-1.11.0-0.41.1
openvswitch-controller-1.11.0-0.41.1
openvswitch-controller-debuginfo-1.11.0-0.41.1
openvswitch-debuginfo-1.11.0-0.41.1
openvswitch-debugsource-1.11.0-0.41.1
openvswitch-kmp-default-1.11.0_k3.12.62_55-0.41.1
openvswitch-kmp-default-debuginfo-1.11.0_k3.12.62_55-0.41.1
openvswitch-kmp-desktop-1.11.0_k3.12.62_55-0.41.1
openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.62_55-0.41.1
openvswitch-kmp-xen-1.11.0_k3.12.62_55-0.41.1
openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.62_55-0.41.1
openvswitch-pki-1.11.0-0.41.1
openvswitch-switch-1.11.0-0.41.1
openvswitch-switch-debuginfo-1.11.0-0.41.1
openvswitch-test-1.11.0-0.41.1
pcfclock-0.44-258.35.1
pcfclock-debuginfo-0.44-258.35.1
pcfclock-debugsource-0.44-258.35.1
pcfclock-kmp-default-0.44_k3.12.62_55-258.35.1
pcfclock-kmp-default-debuginfo-0.44_k3.12.62_55-258.35.1
pcfclock-kmp-desktop-0.44_k3.12.62_55-258.35.1
pcfclock-kmp-desktop-debuginfo-0.44_k3.12.62_55-258.35.1
python-openvswitch-1.11.0-0.41.1
python-openvswitch-test-1.11.0-0.41.1
python-virtualbox-4.2.36-2.66.1
python-virtualbox-debuginfo-4.2.36-2.66.1
vhba-kmp-debugsource-20130607-2.34.1
vhba-kmp-default-20130607_k3.12.62_55-2.34.1
vhba-kmp-default-debuginfo-20130607_k3.12.62_55-2.34.1
vhba-kmp-desktop-20130607_k3.12.62_55-2.34.1
vhba-kmp-desktop-debuginfo-20130607_k3.12.62_55-2.34.1
vhba-kmp-xen-20130607_k3.12.62_55-2.34.1
vhba-kmp-xen-debuginfo-20130607_k3.12.62_55-2.34.1
virtualbox-4.2.36-2.66.1
virtualbox-debuginfo-4.2.36-2.66.1
virtualbox-debugsource-4.2.36-2.66.1
virtualbox-devel-4.2.36-2.66.1
virtualbox-guest-kmp-default-4.2.36_k3.12.62_55-2.66.1
virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.62_55-2.66.1
virtualbox-guest-kmp-desktop-4.2.36_k3.12.62_55-2.66.1
virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.62_55-2.66.1
virtualbox-guest-tools-4.2.36-2.66.1
virtualbox-guest-tools-debuginfo-4.2.36-2.66.1
virtualbox-guest-x11-4.2.36-2.66.1
virtualbox-guest-x11-debuginfo-4.2.36-2.66.1
virtualbox-host-kmp-default-4.2.36_k3.12.62_55-2.66.1
virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.62_55-2.66.1
virtualbox-host-kmp-desktop-4.2.36_k3.12.62_55-2.66.1
virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.62_55-2.66.1
virtualbox-qt-4.2.36-2.66.1
virtualbox-qt-debuginfo-4.2.36-2.66.1
virtualbox-websrv-4.2.36-2.66.1
virtualbox-websrv-debuginfo-4.2.36-2.66.1
xen-debugsource-4.3.4_10-67.1
xen-devel-4.3.4_10-67.1
xen-kmp-default-4.3.4_10_k3.12.62_55-67.1
xen-kmp-default-debuginfo-4.3.4_10_k3.12.62_55-67.1
xen-kmp-desktop-4.3.4_10_k3.12.62_55-67.1
xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.62_55-67.1
xen-libs-4.3.4_10-67.1
xen-libs-debuginfo-4.3.4_10-67.1
xen-tools-domU-4.3.4_10-67.1
xen-tools-domU-debuginfo-4.3.4_10-67.1
xtables-addons-2.3-2.33.1
xtables-addons-debuginfo-2.3-2.33.1
xtables-addons-debugsource-2.3-2.33.1
xtables-addons-kmp-default-2.3_k3.12.62_55-2.33.1
xtables-addons-kmp-default-debuginfo-2.3_k3.12.62_55-2.33.1
xtables-addons-kmp-desktop-2.3_k3.12.62_55-2.33.1
xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.62_55-2.33.1
xtables-addons-kmp-xen-2.3_k3.12.62_55-2.33.1
xtables-addons-kmp-xen-debuginfo-2.3_k3.12.62_55-2.33.1

- openSUSE 13.1 (i686 x86_64):

kernel-debug-3.12.62-55.1
kernel-debug-base-3.12.62-55.1
kernel-debug-base-debuginfo-3.12.62-55.1
kernel-debug-debuginfo-3.12.62-55.1
kernel-debug-debugsource-3.12.62-55.1
kernel-debug-devel-3.12.62-55.1
kernel-debug-devel-debuginfo-3.12.62-55.1
kernel-desktop-3.12.62-55.1
kernel-desktop-base-3.12.62-55.1
kernel-desktop-base-debuginfo-3.12.62-55.1
kernel-desktop-debuginfo-3.12.62-55.1
kernel-desktop-debugsource-3.12.62-55.1
kernel-desktop-devel-3.12.62-55.1
kernel-ec2-3.12.62-55.1
kernel-ec2-base-3.12.62-55.1
kernel-ec2-base-debuginfo-3.12.62-55.1
kernel-ec2-debuginfo-3.12.62-55.1
kernel-ec2-debugsource-3.12.62-55.1
kernel-ec2-devel-3.12.62-55.1
kernel-trace-3.12.62-55.1
kernel-trace-base-3.12.62-55.1
kernel-trace-base-debuginfo-3.12.62-55.1
kernel-trace-debuginfo-3.12.62-55.1
kernel-trace-debugsource-3.12.62-55.1
kernel-trace-devel-3.12.62-55.1
kernel-vanilla-3.12.62-55.1
kernel-vanilla-debuginfo-3.12.62-55.1
kernel-vanilla-debugsource-3.12.62-55.1
kernel-vanilla-devel-3.12.62-55.1
kernel-xen-3.12.62-55.1
kernel-xen-base-3.12.62-55.1
kernel-xen-base-debuginfo-3.12.62-55.1
kernel-xen-debuginfo-3.12.62-55.1
kernel-xen-debugsource-3.12.62-55.1
kernel-xen-devel-3.12.62-55.1

- openSUSE 13.1 (noarch):

kernel-devel-3.12.62-55.1
kernel-docs-3.12.62-55.2
kernel-macros-3.12.62-55.1
kernel-source-3.12.62-55.1
kernel-source-vanilla-3.12.62-55.1
virtualbox-host-source-4.2.36-2.66.1

- openSUSE 13.1 (x86_64):

xen-4.3.4_10-67.1
xen-doc-html-4.3.4_10-67.1
xen-libs-32bit-4.3.4_10-67.1
xen-libs-debuginfo-32bit-4.3.4_10-67.1
xen-tools-4.3.4_10-67.1
xen-tools-debuginfo-4.3.4_10-67.1
xen-xend-tools-4.3.4_10-67.1
xen-xend-tools-debuginfo-4.3.4_10-67.1

- openSUSE 13.1 (i686):

kernel-pae-3.12.62-55.1
kernel-pae-base-3.12.62-55.1
kernel-pae-base-debuginfo-3.12.62-55.1
kernel-pae-debuginfo-3.12.62-55.1
kernel-pae-debugsource-3.12.62-55.1
kernel-pae-devel-3.12.62-55.1

- openSUSE 13.1 (i586):

cloop-kmp-pae-2.639_k3.12.62_55-11.34.1
cloop-kmp-pae-debuginfo-2.639_k3.12.62_55-11.34.1
crash-kmp-pae-7.0.2_k3.12.62_55-2.34.1
crash-kmp-pae-debuginfo-7.0.2_k3.12.62_55-2.34.1
hdjmod-kmp-pae-1.28_k3.12.62_55-16.34.1
hdjmod-kmp-pae-debuginfo-1.28_k3.12.62_55-16.34.1
ipset-kmp-pae-6.21.1_k3.12.62_55-2.38.1
ipset-kmp-pae-debuginfo-6.21.1_k3.12.62_55-2.38.1
iscsitarget-kmp-pae-1.4.20.3_k3.12.62_55-13.34.1
iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.62_55-13.34.1
ndiswrapper-kmp-pae-1.58_k3.12.62_55-35.1
ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.62_55-35.1
openvswitch-kmp-pae-1.11.0_k3.12.62_55-0.41.1
openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.62_55-0.41.1
pcfclock-kmp-pae-0.44_k3.12.62_55-258.35.1
pcfclock-kmp-pae-debuginfo-0.44_k3.12.62_55-258.35.1
vhba-kmp-pae-20130607_k3.12.62_55-2.34.1
vhba-kmp-pae-debuginfo-20130607_k3.12.62_55-2.34.1
virtualbox-guest-kmp-pae-4.2.36_k3.12.62_55-2.66.1
virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.62_55-2.66.1
virtualbox-host-kmp-pae-4.2.36_k3.12.62_55-2.66.1
virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.62_55-2.66.1
xen-kmp-pae-4.3.4_10_k3.12.62_55-67.1
xen-kmp-pae-debuginfo-4.3.4_10_k3.12.62_55-67.1
xtables-addons-kmp-pae-2.3_k3.12.62_55-2.33.1
xtables-addons-kmp-pae-debuginfo-2.3_k3.12.62_55-2.33.1


References:

https://www.suse.com/security/cve/CVE-2016-5195.html
https://www.suse.com/security/cve/CVE-2016-8666.html
https://bugzilla.suse.com/1001419
https://bugzilla.suse.com/1001486
https://bugzilla.suse.com/1002165
https://bugzilla.suse.com/1004418

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung